Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tensorflow vulnerabilities and exploits
(subscribe to this query)
409
VMScore
CVE-2021-37666
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in `tf.raw_ops.RaggedTensorToVariant`. The [implementation](https://github.com/tensorflow/tensorflow/blob/4...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
409
VMScore
CVE-2021-37679
TensorFlow is an end-to-end open source platform for machine learning. In affected versions it is possible to nest a `tf.map_fn` within another `tf.map_fn` call. However, if the input tensor is a `RaggedTensor` and there is no function signature provided, code assumes the output ...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
187
VMScore
CVE-2021-37680
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of fully connected layers in TFLite is [vulnerable to a division by zero error](https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/te...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
187
VMScore
CVE-2021-37684
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementations of pooling in TFLite are vulnerable to division by 0 errors as there are no checks for divisors not being 0. We have patched the issue in GitHub commit [dfa22b348b70bb8...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
187
VMScore
CVE-2021-37686
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the strided slice implementation in TFLite has a logic bug which can allow an malicious user to trigger an infinite loop. This arises from newly introduced support for [ellipsis in axis de...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
187
VMScore
CVE-2021-37688
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can craft a TFLite model that would trigger a null pointer dereference, which would result in a crash and denial of service. The [implementation](https://github.com/tensorflow/...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
187
VMScore
CVE-2021-37649
TensorFlow is an end-to-end open source platform for machine learning. The code for `tf.raw_ops.UncompressElement` can be made to trigger a null pointer dereference. The [implementation](https://github.com/tensorflow/tensorflow/blob/f24faa153ad31a4b51578f8181d3aaab77a1ddeb/tensor...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
187
VMScore
CVE-2021-37637
TensorFlow is an end-to-end open source platform for machine learning. It is possible to trigger a null pointer dereference in TensorFlow by passing an invalid input to `tf.raw_ops.CompressElement`. The [implementation](https://github.com/tensorflow/tensorflow/blob/47a06f40411a69...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
409
VMScore
CVE-2021-37638
TensorFlow is an end-to-end open source platform for machine learning. Sending invalid argument for `row_partition_types` of `tf.raw_ops.RaggedTensorToTensor` API results in a null pointer dereference and undefined behavior. The [implementation](https://github.com/tensorflow/tens...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
320
VMScore
CVE-2021-37635
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of sparse reduction operations in TensorFlow can trigger accesses outside of bounds of heap allocated data. The [implementation](https://github.com/tensorflow/tensorflow...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »